More than 75% of Americans today have Internet access at home and about 65% of those have broadband access. With this increase in connectivity, however have come the inevitable bad side effects of any technology. Threats to our personal safety, security and especially to that of our children have gone up dramatically. From identity theft to child predators, the Internet in some ways provides an easier avenue for these threats to be realized - often taking advantage of our lack of awareness and trust. After all how many of us sit with the assumption that a faceless machine sitting in the study or kid's bedroom can be a source of danger? This talk will introduce you the major categories of problems plaguing web surfers today. Special focus will be paid to the risks posed to children and teenagers online. All through the presentation recommendations for protection will be made and illustrated.
Dean H. Saxe - Managing Consultant, Foundstone Professional Services (a Division of McAfee) Dean is a Managing Consultant at Foundstone. He is responsible for conducting web application penetration testing, threat modeling, code reviews, secure software development lifecycle (S-SDLC) design and implementation, and project management. Dean also provides client education services as a lead instructor of these Foundstone courses: Building Secure Software, Writing Secure Code: Java/J2EE, and Writing Secure Code: ColdFusion.
Dean has nine years of software development experience in a variety of industries, including banking, education, and quality control. Since 2001, he has focused on secure software development and web application security. Prior to working at Foundstone, Dean held the position of manager of web application security for a corporate cash-management application service provider. In this position, he implemented the company's first secure software development and deployment guidelines, development frameworks to support secure coding paradigms, tools used for the semi-automated remediation of application vulnerabilities, and static code analysis tools to expedite conducting secure code reviews. Dean co-founded and remains active in the Atlanta ColdFusion User Group (ACFUG) and is an active member of the Open Web Application Security Project (OWASP) Atlanta Chapter.
At Foundstone, Dean has worked with multinational telecommunications providers, utility companies, and software manufacturers to perform threat modeling and code reviews of numerous business critical applications. He has identified the lack of developer training and the lack of formalized secure software development and deployment practices as the root cause of many critical application vulnerabilities. Dean's findings have led to an ongoing effort at many organizations to incorporate security into the software development lifecycle (SDLC). Key factors of success in this effort include developer training on secure development practices through Foundstone courses, the addition of threat modeling to all phases of the SDLC, and the identification of "security evangelists" within each development organization.
Dean attained the Certified Ethical Hacker (CEH) designation in 2004 and the Certified Information Systems Security Professional (CISSP) designation in 2006. Dean holds a BA in biology from The Johns Hopkins University in Baltimore, Maryland.
October 2009 |
|
|
|||
|
|
|
|
|
|
|
|||
|
|
|||
|
|
|||
|
|
|
|
|